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a dial-up client providing dialing services to access the remote access switch; 
a custom script dynamically linked library providing an interface between the dial- 
up client and the client-side cryptographic function; 
{^2 a security device holding authentication information; 

a security device reader attached to the client computer for reading the security 
device; and 

a directory service accessed by the server-side cryptographic function. 


[cl6] (Amended) The client computer of claim 15, further comprising: 

a security device reader attached to the client computer for reading a security 
device. 


[cl8] (Amended) The client computer of claim 15, wherein the custom script 
< *£? dynamically linked library comprises a SDLogin component and a SDSetupDial 
component. - 

[c20] (Amended) A client computer comprising: 

a dial-up client providing dialing services to the client computer; 
a client-side cryptographic function providing cryptographic services located on 
<^ the client computer; 

a custom script dynamically linked library providing an interface between the dial- 
up client and the client-side cryptographic function; and 
a security device reader attached to the client computer for reading a security 
device. 

[c24] (Amended) A method of integrating via a dial-up interface, comprising: 
js^^ sending session initiation information from a dial-up client to a PKI-Bridge; 

^tT checking session initiation information by the PKI-Bridge; 

generating a challenge string by a server-side cryptographic function; 

forwarding the challenge string to a custom script dynamically linked library; 

3 


U.S. PATENT^^LICATION NO. 09/982,072 
ATTORNEY DOCKET NO. 09469/006001 


forwarding the challenge string to a client-side cryptographic function from the 

custom script dynamically linked library; 
utilizing a private key from a security device; 
generating a response string; 

signing the response string with the private key of a dial-in user; 
forwarding a signed response string to the custom script dynamically linked 
library; 

dividing the signed response string into packets; 
forwarding packets to the PKJ-Bridge; 
^C" reconstructing the signed response string from packets; 

forwarding a reconstructed signed response string to the server-side cryptographic 
function; 

obtaining a public key of the dial-in user; and 

verifying the reconstructed signed response string using the server-side 
cryptographic function. 

[c25] (Amended) The method of claim 24, further comprising: 

reading the security device by a security device reader. 


[c34] (Amended) A method of integrating via a dial-up interface, comprising: 

sending session initiation information from a dial-up client to a PKI-Bridge; 
checking session initiation information by the PKI-Bridge; 
generating a challenge string by a server-side cryptographic function; 
forwarding the challenge string to a custom script dynamically linked library; 
forwarding the challenge string to a client-side cryptographic function from the 

custom script dynamically linked library; 
utilizing a private key from a security device; 
generating a response string; 


U.S. PATEN1^P>LICATI0N NO. 09/982,072 
ATTORNEY DOCKET NO. 09469/006001 


signing the response string with the private key of a dial-in user; 
forwarding a signed response string to the custom script dynamically linked 
library; 

dividing the signed response string into packets; 

forwarding packets to the PKI-Bridge; 

reconstructing the signed response string from packets; 

forwarding a reconstructed signed response string to the server-side cryptographic 
function; 

obtaining a public key of the dial-in user; 

verifying the reconstructed signed response string using the server-side 

cryptographic function; 
reading the security device by a security device reader; 
encoding the signed response string; 
decoding the signed response string; 
forwarding the challenge string to the dial-up client; 
forwarding the challenge string to the PKI-Bridge; and 
forwarding packets from the custom script dynamically linked library. 

[c35] (Amended) An apparatus of integrating via a dial-up interface, comprising: 

means for sending session initiation information from a dial-up client to a PKI- 
Bridge; 

means for checking session initiation information by the PKI-Bridge; 
means for generating a challenge string by a server-side cryptographic function; 
means for forwarding the challenge string to a custom script dynamically linked 
library; 

means for forwarding the challenge string to a client-side cryptographic function 
from the custom script dynamically linked library; 
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means for utilizing_a private key from a security device; 
means for generating a response string; 

means for signing the response string with the private key of a dial-in user; 
means for forwarding a signed response string to the custom script dynamically 
linked library; 

means for dividing the signed response string into packets; 

means for forwarding packets to the PKI-Bridge; 

means for reconstructing the signed response string from packets; 

means for forwarding a reconstructed signed response string to the server-side 

cryptographic function; 
means for obtaining a public key of the dial-in user; and 

means for verifying the reconstructed signed response string using the server-side 
cryptographic function. 


